package org.example.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/demo")
public class DemoController {

    @GetMapping("/userList")
    @PreAuthorize("hasAuthority('user:list')")
    public String userList() {
        System.out.println("李四");
        return "userList";
    }

    @GetMapping("/userAdd")
    @PreAuthorize("hasAuthority('user:add')")
    public String userAdd() {
        return "userAdd";
    }

    @GetMapping("/supplierList")
    @PreAuthorize("hasRole('employee')")
    public String supplierList() {
        System.out.println("supplierList...");
        return "supplierList";
    }

    @GetMapping("/supplierAdd")
    @PreAuthorize("hasRole('manager')")
    public String supplierAdd() {
        System.out.println("supplierAdd...");
        return "supplierAdd";
    }

}
